This is probably sacrilege, but some of these zone security issues
might be better served with Secure Solaris, if the security requirements
are this extreme (e.g. DOD). Adding complex security always adds
complex overhead. On the other hand, locking out the global zone to all
purposes and administrators except for managing zones (nothing else)
creates less security overhead.

       A problem I see with that approach (Global Zone is for
management of NG Zones only) is what happens in the case of a system
that is not using NG Zones. Right now a Solaris 10 system out of the
box is a Global Zone. Would the tools need to be aware if there were
any NG Zones and act differently? That doesn't seem like a good idea
to me.

       BTW, that is the way we treat the Global Zone (creation and
management of NG Zones). No services run out of the Global Zone unless
it is required to be in the Global Zone (NFS server, NTP, etc.).

       Perhaps going in the direction of Secure Solaris, there should
be an option at installation to choose Restricted or Trusted Global
Zone, although that has its own set of issues.

